Security

Keccak: The New SHA-3 Encryption Standard

By José R.C. Cruz, May 07, 2013

After years of testing and analysis, the U.S. government selected the Keccak algorithm to be the new SHA-3 encryption standard. Here is how it works and how to use it.

Listing One shows how to add SHA-3 support to the NSString class. Here, the category SHA3String declares two method prototypes (lines 8-9). The category method sha3AsCstring extracts the raw message bytes with the instance method cStringUsingEncoding: (line 25). It specifies standard ASCII as the desired text encoding. The method counts the number of message bytes and creates the hash variable tHash (lines 29-30). It passes the count, message text, and hash variable to the entry function Hash() (line 33). Hash() returns the 512-bit message hash, and sha3AsCstring recasts the hash into a constant character string (line 36). BitSequence, by the way, is Keccak's custom typedef for char.

The category method sha3AsData returns the message hash as an NSData object. It relies on sha3AsCstring to process the message bytes (line 48). Then it uses the factory method dataWithBytes:length: to create the object (lines 52-53).

Listing Two shows SHA-3 as a singleton class. A singleton provides a common global access point to the SHA-3 algorithm. It handles its own memory management, and as such, does not require explicit disposal.

The singleton class SHA3Single starts by declaring a private property pSize (line 17). This property holds the desired hash size in bits. The class also declares the property accessor hashSize and four method prototypes, two of which are factory methods (lines 19-27).

Next, the class define the static global gHash to hold the singleton instance (line 33). It then defines the hashSize accessor, the two factory and two instance methods. The factory method defaultGenerator checks the gHash global (line 45) and creates an instance of SHA3Single (line 48). It also sets the pSize property to the default hash size of 512 bits (line 51).

The factory method generatorForSize: gets a hash size as input. It, too, checks the gHash global and creates the SHA3Single instance. But it updates the pSize property to the specified size (line 71).

The instance method hashMessage:into: gets a message text (aMesg) and a hash variable (aHash) as input. It counts the number of message bytes, and passes both message text, byte count, and hash variable to the entry function Hash() (lines 85-88). Hash() then stores the message hash into the variable aHash.

The instance method hashObject:into: gets a generic Cocoa object (aMesg) as one of its inputs. It uses the instance method isKindOfClass: (lines 101-102, 105-106) to identify the object. Once it has the object type, hashObject:into: uses the correct code to extract the raw message text (lines 104, 112). Here, too, it counts the message bytes and generates the message hash with Hash() (line 121-124). Then it stores the resulting hash in aHash.

To use the SHA-3 singleton, create the instance with the appropriate factory method. The snippet below creates the 512-bit variant of SHA-3.

SHA3Single *tSHA3;
tSHA3 = [SHA3Single defaultGenerator];

Then use the appropriate instance method to process the message. This next snippet, for instance, uses the method hashMessage:into: to process an NSString object.

Conclusion

Overall, Keccak is a good choice for the SHA-3 standard. It is fast, it has a uniform bit distribution, and it resists collisions well. But the digital arms race is far from over. Years from now perhaps, there will be successful attacks against Keccak. When that happens, NIST shall have to prepare a new hash standard. That, however, is a topic for another time.

José Cruz is a freelance engineering writer based in British Columbia. He frequently contributes articles to Dr. Dobb's.

Dr. Dobb's encourages readers to engage in spirited, healthy debate, including taking us to task.
However, Dr. Dobb's moderates all comments posted to our site, and reserves the right to modify or remove any content that it determines to be derogatory, offensive, inflammatory, vulgar, irrelevant/off-topic, racist or obvious marketing or spam. Dr. Dobb's further reserves the right to disable the profile of any commenter participating in said activities.

Video

This month's Dr. Dobb's Journal

This month,
Dr. Dobb's Journal is devoted to mobile programming. We introduce you to Apple's new Swift programming language, discuss the perils of being the third-most-popular mobile platform, revisit SQLite on Android
, and much more!